At UW-Madison, the Secrets Management service offers two powerful tools: CyberArk Conjur and 1Password. Each tool is designed to address different use cases and meet the diverse needs of our campus community.

Why Secrets Management is Important

Secrets are critical for ensuring secure access to systems, applications, and data. Without a secure mechanism to manage secrets, organizations face risks such as unauthorized access, data breaches, and non-compliance with security policies.

The Secrets Management service helps:

• Protect sensitive information from unauthorized access.

• Streamline access to credentials for authorized users and systems.

• Automate security practices to reduce human error.

• Ensure compliance with security and data privacy standards.

UW-Madison’s Secrets Management Tools

CyberArk Conjur

CyberArk Conjur is an enterprise-grade solution designed for managing secrets in complex and dynamic environments, such as those using DevOps workflows, cloud platforms, and containerized applications.

Key Features:

• Machine-Centric Management: Ideal for managing secrets used by applications, scripts, and automated processes.

• Integration with DevOps Tools: Seamlessly integrates with Kubernetes, Jenkins, Docker, and other tools.

• Dynamic Secrets Generation: Minimizes the risk of long-lived secrets exposure.

• Role-Based Access Control (RBAC): Provides granular control over who or what has access to specific secrets.

• Auditing and Compliance: Tracks secrets access and usage for compliance reporting.

Best For:

• IT teams managing large-scale systems or automated workflows.

• Applications and services requiring secure machine-to-machine authentication.

• Departments with complex infrastructure or regulatory requirements.

1Password

1Password is a user-friendly tool for securely managing human-centric secrets such as passwords, secure notes, and personal information. It also supports basic automation for secrets management in small-scale environments.

Key Features:

• User-Friendly Interface: Easy to use for storing and sharing credentials.

• Team Vaults: Securely share access to secrets within teams or departments.

• Cross-Platform Support: Available on desktop, mobile, and web browsers.

• Secure Sharing: Share secrets with individuals or groups securely.

• Secrets Automation: Basic API support for integrating with scripts and workflows.

Best For:

• Faculty, staff, and teams managing personal or shared credentials.

• Departments with simpler needs for human-readable secrets.

• Users new to secrets management or seeking a straightforward solution.

Choosing the Right Tool

When deciding between CyberArk Conjur and 1Password, consider the following:

How to Get Started

1. Evaluate Your Needs:

   • Are you managing secrets for applications, systems, or automation? Start with CyberArk Conjur.

   • Are you managing passwords or secure notes for people? Begin with 1Password.

2. Access the Tools:

   • CyberArk Conjur: [Link to UW-Madison Conjur Access and Documentation]

   • 1Password: 1Password - Getting Started with 1Password at UW-Madison

3. Contact Support: If you’re unsure which tool is best for you, our Secrets Management team is here to help. Reach out at [support email] or visit [support webpage].

Additional Resources

• [UW-Madison Information Security Policies]

• [Getting Started with CyberArk Conjur Guide]

• 1Password - Getting Started with 1Password at UW-Madison

• [Secrets Management Best Practices]

By leveraging the Secrets Management service, you can ensure that sensitive credentials are stored and used securely, supporting UW-Madison’s commitment to robust information security.